Can’t seem to get flexible ssl working. Does Cloudflare automatically try all its supported ports when proxying the request? For example if my backend server is listening on port 8080 nonssl, but user typeshttps://mysite.com in their browser, how does cloudflare know to proxy to port 8080???
In fact right now my server is listening to port 443 but not using ssl, I’m just using 443 cause I thought that might help cloudflare. Just trying everything and browser cannot connect to site using domain. But if I type in mysite.com:443 it works (but of course is not using ssl). I also tried running my server on port 8080. Same thing browser can’t connect (get the clouldflare 522 screen).
Cloudflare is set to proxy
Cloudflare is set to use flexible ssl
I thought this was easy before (pretty sure I’ve done this in the past), but confused now
One correction to above, site is working if I type IP address and specify port, so http://##.##.###.##:443. This connects and proves server is working on port 443. Again not an ssl connection. If I type
cloudlflare gives an error that it is trying to server plain http over secure port.
But I already tried 8080 . And again whether 80 or 8080, does cloudflare just guess? or it tries all those ports? Because user has typed https://mysite.com , which browser will use 443 for, so Flexible SSL is supposed to proxy that to my servers http port, but which one?. I guess it just tries them all. It is wacky I can’t specify this. And it doesn’t seem to work
Did you add that port to the URL? 80 is used by default. Any other port needs to be added to the URL therefore.
If your app supports port 8080 only, you need to set up a reverse proxy listening in Port 80 for http://domain.com. Then you just need to type http://domain.com and the request is forwarded to port 8080 internally.
If you don’t want to use a reverse proxy, you have to add that port. http://domain.com:8080
Cloudflare supported ports are those which Cloudflare will proxy ( record). Using an unsupported port will lead to timeouts.
This works though: server listening on 80, user types https://mysite.com into browser
I don’t understand why Cloudflare just doesn’t say, this. Or if they did I missed it. FlexibleSSL requires a server listening on port 80 and user to enter https:mysite.com (no port or they can enter :443 if they want as it is the same thing).
Cloudflare expects standard browser behavior: Port 80 for HTTP, and Port 443 for HTTPS. Flexible mode certainly gets tricky if you’re using non-standard ports, as Flexible opens a standard Port 80 connection to the host. I don’t see a straightforward way to have Flexible mode go to a non-standard port.
Right, but I mean it is completely straight forward if you are cloudflare, to just have a form where someone actually tells cloudflare what port to direct traffic to. For Flexible SSL this actually makes the most sense beacause clearly the site is not serving ssl on port 443, so why is it obvious that it is serving non ssl on port 80?
Anyway I guess my issue is solved because I can use port 80. But it seems odd that their documentation leaves this completely un addressed, or did I miss it? What if I was not serving a website but an API (which would normally use a port like 8080 or something), or running 2 websites on different ports on the same box. It just seems so odd to me for them to just assume port 80 instead of asking.